Legislative Council Information Technology and Broadcasting Panel



Similar documents
Electronic Trading Information Template

SFC ELECTRONIC TRADING REGIME

Disaster Recovery and Business Continuity Plan

Oadby and Wigston Borough Council. Information and Communications Technology (I.C.T.) Section

Report in respect of. Service Disruption on 9 April 2012

Business Continuity. Disaster Recovery Plan

LEGISLATIVE COUNCIL PANEL ON FINANCIAL AFFAIRS

Connectivity Test for Upgrade of Securities and Derivatives Network (SDNet/2) for the Derivatives Market. Information Package for

IT Disaster Recovery and Business Resumption Planning Standards

B U S I N E S S C O N T I N U I T Y P L A N

Legislative Council Panel on Financial Affairs Congestion in Securities Trading Networks

Appendix. Key Areas of Concern. i. Inadequate coverage of cybersecurity risk assessment exercises

REVIEW OF THE INTERNAL CONTROLS OF THE RTA S INFORMATION SYSTEM

CITY UNIVERSITY OF HONG KONG

Upgrade of HKATS and DCASS to Genium INET Platform. Fallback Plan. for Exchange and Clearing Participants

ort Office of the Inspector General Department of Defense YEAR 2000 COMPLIANCE OF THE STANDARD ARMY MAINTENANCE SYSTEM-REHOST Report Number

Relocation of CCMS Data Centre to Tseung Kwan O Data Centre (Phase Two) Market Rehearsal (MR) Information Package. for. HKCC & SEOCH Participants

AUDIT GUIDELINES FOR SCHOOL DISASTER RECOVERY PLANNING

How To Manage A Business Continuity Strategy

The University of Iowa. Enterprise Information Technology Disaster Plan. Version 3.1

Supplier IT Security Guide

Business Continuity Planning and Disaster Recovery Planning

SCHEDULE 25. Business Continuity

Offsite Disaster Recovery Plan

ISO COMPLIANCE WITH OBSERVEIT

EMERGENCY MANAGEMENT BUSINESS CONTINUITY PLANNING TEMPLATE

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT

July 30, Internal Audit Report Information Technology Business Continuity Plan Information Technology Department

Canad~ Year 2000 Contingency Planning and Status Travaux publics et Services gouvernementaux Canada

Legislative Council Panel on Information Technology and Broadcasting. Hacking and Virus Activities and Preventive Measures

Birkenhead Sixth Form College IT Disaster Recovery Plan

Colocation, Hot Seat Services, Disaster Recovery Services, Secure and Controlled Environment

The Office of the Government Chief Information Officer INFORMATION SECURITY INCIDENT HANDLING GUIDELINES [G54]

Hong Kong Baptist University

University of Sunderland Business Assurance Information Security Policy

MANAGEMENT AUDIT REPORT DISASTER RECOVERY PLAN DEPARTMENT OF FINANCE AND ADMINISTRATIVE SERVICES INFORMATION TECHNOLOGY SERVICES DIVISION

CITY OF SAN ANTONIO OFFICE OF THE CITY AUDITOR. Follow-up Audit of Information Technology Services Department. IT Contingency Planning

DISASTER RECOVERY PLANNING FOR CITY COMPUTER FACILITIES

PBSi Business Continuity Planning

Consider the cash demands of a financial institution's customers; Anticipate funding needs in late 1999 and early 2000;

Job Description. Job Title: Network Services Manager. Department: INFORMATION TECHNOLOGY MAIN PURPOSE OF JOB: MAIN DUTIES AND RESPONSIBILITIES:

CITY UNIVERSITY OF HONG KONG Business Continuity Management Standard

Disaster Recovery Exercise Report: Exercise conducted November 9, 2013

Business Continuity Policy and Business Continuity Management System

ICT Disaster Recovery Plan

<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP

Information Paper for the Legislative Council Panel on Financial Affairs. Protection of Consumer Credit Data

Legislative Council Panel on Information Technology and Broadcasting. Information Security

GUIDELINES FOR BUSINESS CONTINUITY IN WHOLESALE MARKETS AND SUPPORT SYSTEMS MARKET SUPERVISION OFFICE. October 2004

Comprehensive Emergency Management Plan (CEMP) Annex V CONTINUITY OF OPERATIONS PLAN (COOP)

Year 2000 Business Continuity Planning: Guidelines for Financial Institutions Introduction

Business Continuity (Policy & Procedure)

Business Continuity Management. Policy Statement and Strategy

Year 2000 Business Continuity and Contingency Planning: Day One Strategy (Report Number TR-AR )

GUIDANCE NOTE ON OUTSOURCING

Fully Managed IT Support. Proactive Maintenance. Disaster Recovery. Remote Support. Service Desk. Call Centre. Fully Managed Services Guide July 2007

DCU BULLETIN Division of Credit Unions Washington State Department of Financial Institutions Phone: (360) FAX: (360)

Overview of how to test a. Business Continuity Plan

Riverhead Central School District

Business Unit CONTINGENCY PLAN

Disaster Recovery Committee. Learning Resource Center Specialist

Ames Consolidated Information Technology Services (A-CITS) Statement of Work

Disaster Recovery and Business Continuity

BUSINESS CONTINUITY PLANNING

TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

Clovis Municipal School District Information Technology (IT) Disaster Recovery Plan

CODE OF PRACTICE. Safety Management. Occupational Safety and Health Branch Labour Department CODE OF PRACTICE ON SAFETY MANAGEMENT 1

ITEM FOR ESTABLISHMENT SUBCOMMITTEE OF FINANCE COMMITTEE

INFORMATION TECHNOLOGY MANAGEMENT CONTENTS. CHAPTER C RISKS Risk Assessment 357-7

Disaster recovery planning.

Supervisory Policy Manual

SUPERVISORY AND REGULATORY GUIDELINES: PU BUSINESS CONTINUITY GUIDELINES

MarketAxess Business Continuity Plan Disclosure

Memorandum. ACTION: Report on Computer Security Controls of Financial Management System, FTA FE May 23, 2000.

Business Continuity and Disaster Recovery Planning

<Project Name> ACCEPTANCE TEST PLAN <SCOPE OF TEST E.G. SYSTEM TESTING> <BUSINESS UNIT/DIVISION> DEPARTMENT of INFRASTRUCTURE, ENERGY and RESOURCES

Update from the Business Continuity Working Group

By: Tracy Hall. Community Bank Auditors Group Taking Your Business Continuity Plan To The Next Level. June 9, 2015

Data Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) Fax: (718)

BUSINESS CONTINUITY STRATEGY

Building Integration System (BIS)

Overview of Business Continuity Planning Sally Meglathery Payoff

Business Continuity Exercise: Electricity Supply Failure Appendix 4.4

Business Continuity Plan Guidance and Template to support Small Businesses

JANSSEN PARTNERS, INC. Business Continuity Plan (BCP)

IT Disaster Recovery Plan Template

How To Check If Nasa Can Protect Itself From Hackers

Continuity of Operations Planning. A step by step guide for business

Business Continuity Plans

Business Continuity. Is your Business Prepared for the worse? What is Business Continuity? Why use a Business Continuity Plan?

CITY UNIVERSITY OF HONG KONG Information Security Incident Management Standard

GAO. Year 2000 Computing Crisis: Business Continuity and Contingency Planning

SCOPE; ENFORCEMENT; AUTHORITY; EXCEPTIONS

Management Advisory Page 2 of 10

Disaster Recovery Plan The Business Imperatives

Audit, Finance and Legislative Committee Mayor Craig Lowe, Chair Mayor-Commissioner Pro Tem Thomas Hawkins, Member

Guidelines for Digital Imaging Systems

ADDENDUM 5 TO APPENDIX 4 TO SCHEDULE 3.3

BUSINESS CONTINUITY PLANNING AT THE NATIONAL GALLERY OF AUSTRALIA. Erica Persak

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

Transcription:

For Information on 8 November 1999 Legislative Council Information Technology and Broadcasting Panel Rectification Work of Y2K Compliance and Contingency Planning of Critical Systems and Equipment of Urban Services Department Purpose This paper reports the latest progress of USD in rectifying the Y2K problem in its mission-critical systems and equipment and its contingency plans to cope with Y2K-induced incidents. Overall Progress 2. In planning and implementing the rectification work of the Y2K problem, USD has strictly followed the guidelines of ITSD, EMSD and OFTA. The Y2K rectification work and testing of all critical IT systems, embedded systems and line communication systems were all successfully completed in June 1999. Please refer to the Appendix for details. 3. To further ensure that all mission-critical IT systems are Y2K compliant, USD has arranged simulated Y2K-compliance tests (Y2K Day) for all mission-critical IT systems in a production environment. Tests were conducted between July and September 1999, and all systems have successfully passed the tests. 4. As for the embedded systems and line communication systems, the Department requested that all mission-critical systems and equipment should have the written confirmation of the contractors or the maintenance contractors to ensure they are Y2K compliant. Besides, additional on-site Y2K audit tests on these systems and equipment were also arranged to verify the rectification work conducted by third parties. To ensure a prompt remedy for any system and equipment failure caused by the Y2K problem, special arrangement has been made with EMSD for

- - 2 an on-site Y2K emergency team to be stationed at critical USD buildings round the clock during Y2K critical periods. Departmental Working Groups and Supporting Services 5. USD attaches great importance to the resolution of the Y2K problem. A central support team, led by the Assistant Director (Information Technology) and responsible for coordinating and supervising all Y2K-related work, has been set up in the Information Technology Centre. Furthermore, each of the four branches of USD has its own Y2K task force to oversee the progress of Y2K rectification work within the branch. In addition, a 24-hour departmental support hotline has been set up since July 1999 to provide prompt response to enquiries and requests for assistance in regard to the Y2K problem raised. Contingency Plan 6. The contingency plans for all mission-critical systems and equipment have been well formulated by USD to avoid any possible disruption caused by the Y2K problem on the Department s services to the public. The contingency plans should state clearly how to provide services to the public in case of any services disruptions caused by the Y2K problem. Contingency measures to be adopted include fall back manual systems, paper-based backup copies, additional standby manpower. For instance, hard copies of all important ticketing and financial information of URBTIX will be printed two days before the critical date. After the end of ticketing services on the day before the critical date, ticket sales information in all performance venues will be copied to the seat plans which will be distributed to the ticketing outlets. In addition, the system will make additional backup copies. The backup computer system in the disaster recovery centre will also be started to cope with any contingencies. If the main computer system and backup computer system break down simultaneously because of the Y2K problem, the system date will be reset for system recovery. If the system is still unable to recover, the ticketing offices would operate manually according to the ticketing information printouts and continue to provide door sales and seven days advance booking services for the performances at the arts venues. In addition, the Provisional Urban Council Public

- - 3 Library Automation System will make additional backup copies on the date before the critical date. In the event of the system disruption due to Y2K problem, the system date will be reset so that the system can partially be resumed to support library daily operation, e.g. providing online catalogue access services, etc. This arrangement, together with manual fall back plans, will enable the service to the public uninterrupted. 7. The risk factors of critical business partners and basic utility services have also been taken into consideration when preparing the contingency plans. For example, the IT Centre of USD has been equipped with backup power supply system. If territory-wide power supply was interrupted, the power supply to the IT Centre would be switched to an independent backup power generator immediately. Furthermore, a backup data communication network has been set up for the mission-critical IT systems. If the primary network failed due to Y2K problem, the systems would be switched to the disaster recovery centre via the backup network. 8. All contingency plans have been audited by the Department s central support team. The Department has also arranged drill exercises for all contingency plans to test their feasibility and provide front end staff with an opportunity to carry out the plans for practice. All drill exercises have been completed in October this year. Y2K Emergency Command Centre 9. A Y2K Emergency Command Centre has been set up in the Department to provide effective control and coordination over branches and sections during the rollover to the Y2K critical dates. The Command Centre is responsible for monitoring of all mission-critical systems and equipment and keeping a close contact with the Y2K Central Co-ordinating Centre. 10. The Command Centre starts functioning 7 days before the Y2K critical dates and operates round the clock on the critical date and the day before. The tasks include all of the followings:! remind all staff to stay alert on the critical dates and avoid

- - 4 enhancement or maintenance work of systems and equipment! reserve manpower and resources for contingencies! ensure any preparation for the contingency plans has properly started! work out the processing timetable of the mission-critical IT systems on the critical dates and the days before! ensure the preparation of the list of action items for the systems and equipment on the critical dates! ensure important computer records are printed and kept properly and additional backup for important information and programmes are done! ensure the readiness of backup computer systems In the meantime, USD will establish an attendance system according to the guidelines of ITSD for all mission-critical systems and equipment and front end staff and line managers are required to attend all the missioncritical systems and equipment on the critical dates such as the period between 31 December 1999 to 3 January 2000 such that any Y2Kinduced failures can be tackled promptly. 11. The Command Centre will closely monitor all mission-critical systems and equipment on the critical dates. When a Y2K incident is suspected, the staff will notify the Command Centre of the details of the incident and the corresponding actions through the Y2K hotline. The Command Centre will report the progress of the incident to the Director of Urban Services and the Y2K Central Co-ordinating Centre. The Department will execute the contingency plan if the system fails to recover within the specified time. In the morning of the critical dates, the Command Centre will conduct wellness check for all missioncritical systems and equipment to ensure they function properly. The latest progress will be reported to the Director and the Central Coordinating Centre. Urban Services Department November 1999

Appendix Progress of Y2K Rectification Work for Mission-critical Systems and Equipment in USD (As at 1 November 1999) Type of Mission-critical Systems and Equipment (A) Systems and equipment confirmed to be Y2K compliant by manufacturers or contractors. (B) Systems and equipment certified to be Y2K compliant after upgrading, rectification and testing. (C) Systems and equipment which will be Y2K compliant after clock resets / Systems and equipment which have not been confirmed to be Y2K compliant by suppliers but have been proved to be Y2K compliant after detailed testing. Mission- Critical Computer Systems 5 (27.8%) Note 1 11 (61.1%) Note 2 2 (11.1%) Note 3 Mission- Critical Embedded Systems Mission-Critical Line Communication Systems 247 (86.4%) 18 (85.7%) Note 4 38 (13.3%) 1 (4.8%) Note 5 1 (0.3%) 2 (9.5%) Total 18 (100.0%) 286 (100.0%) 21 (100.0%)

Note 1: Systems confirmed to be Y2K compliant by manufacturers or contractors : 1. Cemeteries and Crematoria Services Computer system 2. PUC Chamber Conference and Voting System 3. PUC Secretariat Office Automation and Document Retrieval System 4. USD Office Automation and Document Retrieval System 5. Museum Pass System Note 2: Systems certified to be Y2K compliant after upgrading, rectification and testing: 1. Urban Ticketing system for Cultural Programmes (URBTIX) 2. Sports Facilities Booking and Ticketing System (SPORTIX) 3. Box Office Management Information System (BOMIS) 4. Municipal Services Grades Management System 5. USD Hotline Computer System 6. Transport Management Information System 7. Licence / Permit System 8. Hawker License System 9. Market Stalls Rental System 10. Payment of Creditors System 11. Revenue Collection System

Note 3: Systems and equipment which will be Y2K compliant after clock resets / systems and equipment which have not been confirmed to be Y2K compliant by suppliers but have been proved to be Y2K compliant after detailed testing: 1. Library Automation System 2. PC Backup System for Library Automation System Note 4: Among the 18 critical line communication systems, the commercial telephone system in the former Hong Kong Museum of History (HKMH) has ceased to be in operation after relocation and has been replaced by a Y2Kcompliant one in the new HKMH. Note 5: The interactive voice response system of USD hotline.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information